in4it · wardviaene · Aug 21, 2024 · Aug 20, 2024 · Aug 20, 2024 · Aug 20, 2024
diff --git a/docs/release-notes.md b/docs/release-notes.md
@@ -1,5 +1,10 @@
 # Release Notes
 
+## Version v1.1.0
+* UI: change VPN configuration within the admin UI
+* UI: ability to reload WireGuard® configuration 
+* UI: modify client/server WireGuard® configuration files using templates
+
 ## Version v1.0.41
 * UI: axios version bump
 * UI: disable https forwarding when request is served over http
@@ -47,4 +52,4 @@ Once upgraded to this release, new upgrades can be done through the UI.
 
 * Local Users Support
 * OIDC Support
-* Wireguard® for VPN Connections
+* WireGuard® for VPN Connections
diff --git a/latest b/latest
@@ -1 +1 @@
-v1.0.41
+v1.1.0
diff --git a/pkg/configmanager/handlers.go b/pkg/configmanager/handlers.go
@@ -117,6 +117,31 @@ func (c *ConfigManager) version(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func (c *ConfigManager) restartVpn(w http.ResponseWriter, r *http.Request) {
+	switch r.Method {
+	case http.MethodPost:
+		err := stopVPN(c.Storage)
+		if err != nil { // don't exit, as the VPN might be down already.
+			fmt.Println("========= Warning =========")
+			fmt.Printf("Warning: vpn stop error: %s\n", err)
+			fmt.Println("=========================")
+		}
+		err = startVPN(c.Storage)
+		if err != nil {
+			returnError(w, fmt.Errorf("vpn start error: %s", err), http.StatusBadRequest)
+			return
+		}
+		err = refreshAllClientsAndServer(c.Storage)
+		if err != nil {
+			returnError(w, fmt.Errorf("could not refresh all clients: %s", err), http.StatusBadRequest)
+			return
+		}
+		w.WriteHeader(http.StatusAccepted)
+	default:
+		returnError(w, fmt.Errorf("method not supported"), http.StatusBadRequest)
+	}
+}
+
 func returnError(w http.ResponseWriter, err error, statusCode int) {
 	fmt.Println("========= ERROR =========")
 	fmt.Printf("Error: %s\n", err)

diff --git a/pkg/configmanager/router.go b/pkg/configmanager/router.go
@@ -8,6 +8,7 @@ func (c *ConfigManager) getRouter() *http.ServeMux {
 	mux.Handle("/pubkey", http.HandlerFunc(c.getPubKey))
 	mux.Handle("/refresh-clients", http.HandlerFunc(c.refreshClients))
 	mux.Handle("/upgrade", http.HandlerFunc(c.upgrade))
+	mux.Handle("/restart-vpn", http.HandlerFunc(c.restartVpn))
 	mux.Handle("/version", http.HandlerFunc(c.version))
 
 	return mux

diff --git a/pkg/configmanager/start_darwin.go b/pkg/configmanager/start_darwin.go
@@ -13,3 +13,8 @@ func startVPN(storage storage.Iface) error {
 	fmt.Printf("Warning: startVPN is not implemented in darwin\n")
 	return nil
 }
+
+func stopVPN(storage storage.Iface) error {
+	fmt.Printf("Warning: startVPN is not implemented in darwin\n")
+	return nil
+}
diff --git a/pkg/configmanager/start_linux.go b/pkg/configmanager/start_linux.go
@@ -17,3 +17,7 @@ func startVPN(storage storage.Iface) error {
 	}
 	return wireguard.StartVPN()
 }
+
+func stopVPN(storage storage.Iface) error {
+	return wireguard.StopVPN()
+}
diff --git a/pkg/configmanager/upgrade.go b/pkg/configmanager/upgrade.go
@@ -42,6 +42,9 @@ func newVersionAvailable() (bool, string, error) {
 			if i1 > i2 {
 				return true, latestVersion, nil
 			}
+			if i1 < i2 {
+				return false, latestVersion, nil
+			}
 		}
 	}
 	return false, latestVersion, nil

diff --git a/pkg/configmanager/upgrade_test.go b/pkg/configmanager/upgrade_test.go
@@ -145,3 +145,66 @@ func TestNewVersionAvailableBogus2(t *testing.T) {
 		t.Fatalf("expected new version not to be available: %s", version)
 	}
 }
+func TestNewVersionAvailableHigherVersionMajor(t *testing.T) {
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		if req.URL.RequestURI() == "/latest" {
+			currentVersionSplit := strings.Split(getVersion(), ".")
+			if len(currentVersionSplit) != 3 {
+				t.Fatalf("unsupported current version: %s", getVersion())
+			}
+			i, err := strconv.Atoi(currentVersionSplit[1])
+			if err != nil {
+				t.Fatalf("unsupported current version: %s", getVersion())
+			}
+			i++
+			newVersion := strings.Join([]string{currentVersionSplit[0], strconv.Itoa(i), "0"}, ".")
+			w.Write([]byte(newVersion))
+			return
+		}
+		w.WriteHeader(http.StatusNotFound)
+	}))
+
+	defer server.Close()
+
+	BINARIES_URL = server.URL
+
+	available, version, err := newVersionAvailable()
+	if err != nil {
+		t.Fatalf("error: %s", err)
+	}
+	if !available {
+		t.Fatalf("expected new version expected to be available: %s", version)
+	}
+}
+
+func TestNewVersionNotAvailableHigherVersionMajor(t *testing.T) {
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		if req.URL.RequestURI() == "/latest" {
+			currentVersionSplit := strings.Split(getVersion(), ".")
+			if len(currentVersionSplit) != 3 {
+				t.Fatalf("unsupported current version: %s", getVersion())
+			}
+			i, err := strconv.Atoi(currentVersionSplit[1])
+			if err != nil {
+				t.Fatalf("unsupported current version: %s", getVersion())
+			}
+			i--
+			newVersion := strings.Join([]string{currentVersionSplit[0], strconv.Itoa(i), "99"}, ".")
+			w.Write([]byte(newVersion))
+			return
+		}
+		w.WriteHeader(http.StatusNotFound)
+	}))
+
+	defer server.Close()
+
+	BINARIES_URL = server.URL
+
+	available, version, err := newVersionAvailable()
+	if err != nil {
+		t.Fatalf("error: %s", err)
+	}
+	if available {
+		t.Fatalf("expected new version expected not to be available: %s (current version: %s)", version, getVersion())
+	}
+}
diff --git a/pkg/rest/router.go b/pkg/rest/router.go
@@ -53,7 +53,10 @@ func (c *Context) getRouter(assets fs.FS, indexHtml []byte) *http.ServeMux {
 	mux.Handle("/api/oidc", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.oidcProviderHandler)))))
 	mux.Handle("/api/oidc-renew-tokens", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.oidcRenewTokensHandler)))))
 	mux.Handle("/api/oidc/{id}", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.oidcProviderElementHandler)))))
-	mux.Handle("/api/setup", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.setupHandler)))))
+	mux.Handle("/api/setup/general", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.setupHandler)))))
+	mux.Handle("/api/setup/vpn", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.vpnSetupHandler)))))
+	mux.Handle("/api/setup/templates", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.templateSetupHandler)))))
+	mux.Handle("/api/setup/restart-vpn", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.restartVPNHandler)))))
 	mux.Handle("/api/scim-setup", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.scimSetupHandler)))))
 	mux.Handle("/api/saml-setup", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.samlSetupHandler)))))
 	mux.Handle("/api/saml-setup/{id}", c.authMiddleware(c.injectUserMiddleware(c.isAdminMiddleware(http.HandlerFunc(c.samlSetupElementHandler)))))